IT GRC

What you'll do

• Build and maintain IT policies, standards, and governance processes
• Conduct IT risk assessments and maintain the risk register
• Identify, evaluate, and track remediation of technology risks
• Drive compliance initiatives (ISO 27001, SOC2, GDPR, PDPA, etc.) and some audit relate to regulation.
• Prepare documentation, evidence, and coordination for internal/external audits
• Work with security and engineering teams to validate and improve controls
• Support security awareness and incident response processes

Requirements

• Bachelor’s degree or equivalent in Information Technology or Computer Science.
• Minimum of 2 years work experience as IT GRC, Audit, and Security roles.
• Has experienced in working in a Financial Institutions is Preferred.
• Experience in IT GRC, information security, or cybersecurity
• Good understanding of ISO 27001, NIST, COBIT, SOC2
• Strong risk assessment, documentation, and communication skills
• Ability to work cross‑functionally with technical and non‑technical teams
• Strong analytical skills and attention to detail.